Can SonarCloud detect a recently disclosed vulnerability with Newtonsoft.Json?


We use a .NET library called Newtonsoft.Json for working with JSON files in one of our applications. Yesterday GitHub posted an advisory of a vulnerability with this library. There is no CVE yet for this vulnerability: Improper Handling of Exceptional Conditions in Newtonsoft.Json · GHSA-5crp-9r3c-p9vr · GitHub Advisory Database · GitHub

I’m wondering if SonarCloud’s vulnerability scanning would detect this type of issue or if there is documentation around how vulnerability scanning rules are developed and added to handle new vulnerabilities when they are disclosed.

Thank you,